4 ssl::service { 'www.debian.org':
7 #concat { '/etc/ssl/debian/certs/www.debian.org-chained.crt':
10 #concat::fragment { '/etc/ssl/debian/certs/www.debian.org.crt':
11 # target => '/etc/ssl/debian/certs/www.debian.org-chained.crt',
12 # source => 'file:///etc/ssl/debian/certs/www.debian.org.crt',
15 #concat::fragment { '/etc/ssl/debian/certs/www.debian.org.crt-chain':
16 # target => '/etc/ssl/debian/certs/www.debian.org-chained.crt',
17 # source => 'file:///etc/ssl/debian/certs/www.debian.org.crt-chain',
21 @ferm::rule { 'dsa-sip-ws-ip4':
23 description => 'SIP connections (WebSocket; for WebRTC)',
24 rule => 'proto tcp dport (443) ACCEPT'
26 @ferm::rule { 'dsa-sip-ws-ip6':
28 description => 'SIP connections (WebSocket; for WebRTC)',
29 rule => 'proto tcp dport (443) ACCEPT'
31 @ferm::rule { 'dsa-sip-tls-ip4':
33 description => 'SIP connections (TLS)',
34 rule => 'proto tcp dport (5061) ACCEPT'
36 @ferm::rule { 'dsa-sip-tls-ip6':
38 description => 'SIP connections (TLS)',
39 rule => 'proto tcp dport (5061) ACCEPT'
41 @ferm::rule { 'dsa-turn-ip4':
43 description => 'TURN connections',
44 rule => 'proto udp dport (3478) ACCEPT'
46 @ferm::rule { 'dsa-turn-ip6':
48 description => 'TURN connections',
49 rule => 'proto udp dport (3478) ACCEPT'
51 @ferm::rule { 'dsa-turn-tls-ip4':
53 description => 'TURN connections (TLS)',
54 rule => 'proto tcp dport (5349) ACCEPT'
56 @ferm::rule { 'dsa-turn-tls-ip6':
58 description => 'TURN connections (TLS)',
59 rule => 'proto tcp dport (5349) ACCEPT'
61 @ferm::rule { 'dsa-rtp-ip4':
63 description => 'RTP streams',
64 rule => 'proto udp dport (49152:65535) ACCEPT'
66 @ferm::rule { 'dsa-rtp-ip6':
68 description => 'RTP streams',
69 rule => 'proto udp dport (49152:65535) ACCEPT'